db-derby-dev mailing list archives

From "George Baklarz (JIRA)" <derby-...@db.apache.org>
Subject [jira] Created: (DERBY-224) System versus Database authentication conflict
Date Thu, 14 Apr 2005 01:19:17 GMT
System versus Database authentication conflict
----------------------------------------------

         Key: DERBY-224
         URL: http://issues.apache.org/jira/browse/DERBY-224
     Project: Derby
        Type: Improvement
  Components: Security  
    Versions: 10.0.2.0    
 Environment: Windows XP Professional SP1
    Reporter: George Baklarz


As a system user (authentication enabled at the system level), it is possible for someone
registered at the database level to prevent me from accessing it (this was done with BUILTIN
authentication).

This occurs because of a conflict between two identical userids. If I create a system user
(sa) with a password of "Derby" and a user at the database level is created with a userid
of sa with a password of "Apache", this user will take precedence on the connect command to
the database. 

So there are really two problems here. 

(1) Duplicate userids are allowed between system level users and database users
(2) Database userids take precedence over system users.

This may be working as designed, but it surprised me when I couldn't connect to the database
because of an incorrect password. I would have liked the system userid to connect to all databases
even if a local database userid was present.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira
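
Added example, not part of the original message and not Derby's own code: an audit that finds userids defined at both the system and the database level and reports which definition decides a connect under the precedence the report describes. The function names, the plain-text dump of the database-level properties and the case-insensitive userid comparison are assumptions; the sample input is constructed from the report's sa/Derby/Apache case.

```python
import re

# Matches BUILTIN user definitions of the form derby.user.<userid>=<value>.
USER_KEY = re.compile(r"^\s*derby\.user\.([^=\s:]+)\s*[=:]")


def builtin_userids(properties_text):
    """Return the set of userids that have a derby.user.* entry."""
    ids = set()
    for line in properties_text.splitlines():
        if line.lstrip().startswith(("#", "!")):  # properties-file comments
            continue
        match = USER_KEY.match(line)
        if match:
            # Assumption: userids are compared case-insensitively.
            ids.add(match.group(1).upper())
    return ids


def shadowed_system_users(system_text, database_text):
    """Userids defined at both levels, i.e. the conflict in the report."""
    return sorted(builtin_userids(system_text) & builtin_userids(database_text))


def deciding_level(userid, system_text, database_text):
    """Level whose definition is checked on connect, using the precedence
    the report describes: a database-level userid wins over a system one."""
    uid = userid.upper()
    if uid in builtin_userids(database_text):
        return "database"
    if uid in builtin_userids(system_text):
        return "system"
    return None


# Constructed sample: system-wide derby.properties.
SYSTEM_PROPS = """\
# system level (constructed)
derby.connection.requireAuthentication=true
derby.authentication.provider=BUILTIN
derby.user.sa=Derby
derby.user.audit=Reader
"""
# Constructed sample: hypothetical text dump of one database's properties.
DATABASE_PROPS = """\
derby.user.sa=Apache
derby.user.app=AppPw
"""

if __name__ == "__main__":
    print("shadowed:", shadowed_system_users(SYSTEM_PROPS, DATABASE_PROPS))
    print("sa decided at:", deciding_level("sa", SYSTEM_PROPS, DATABASE_PROPS))
```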

